The urge to prioritize compliance is understandable; after all, a breach may happen, but an audit will happen. A focus on avoiding penalties, a misunderstanding of the purpose of regulations and the tendency to meet the bare minimum requirements are all signifiers of a compliance-first approach. None of them deliver real security.
Adrian Schofield sheds light on tech in South Africa
Mark Chillingworth on IT leadership